Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

nucleus

SBOM Is Not the Savior - Addressing the Deeper Problems in Supply Chain Security

Jun 18, 2025 By Scott Kuffer In Nucleus
I hear a lot these days about SBOMs and how they are going to be the key to supply chain security accountability, to even include a Presidential Executive Order mandating SBOMs in the procurement process for federal agencies. There are multiple areas of research going on in this area, such as this Academic SBOM Repository. But before we get too far down the road, let’s get one thing straight: SBOM isn’t going to save us. It’s a transparency tool, not a solution.
Read Post
netskope

Accelerate Intelligence with Automated & Unified Data Security

Jun 18, 2025 By Tom Baumgartner In Netskope
When it comes to data security, you want it to be accurate, reliable, thorough, and fast. Ideally, faster today than it was yesterday, and faster tomorrow than it was today, to address increasing data security needs in the same amount of time or less. We’re seeing a growing prevalence of employees using unmanaged devices, handling sensitive organizational structured and unstructured data, and accessing managed and unmanaged apps with those devices and that data.
Read Post
keeper

Grant Temporary Record Access Without Compromising Security With Keeper One-Time Share

Jun 18, 2025 By Rachel Gessner In Keeper
With Keeper’s One-Time Share feature, sharing confidential information with someone who doesn’t have a Keeper account doesn’t have to be complicated. One-Time Share provides time-limited, “read only” access to a Keeper record with anyone, without exposing information over email, text message or messaging.
Read Post

Security Champion: Recruit Volunteers, Not Experts! #Cybersecurity

Jun 18, 2025 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video
upguard

Why Your Organization's Security Awareness Training Isn't Working

Jun 18, 2025 By Leah Sadoian In UpGuard
Your IT department just sent out its annual reminder to complete security awareness training. Employees dutifully clicked through their training modules, passed a short quiz, and checked off the compliance box for another year. Ask yourself, does this process really give you confidence that your organization is prepared to dispel today’s security threats? Well, the odds aren’t in your favor.
Read Post

Why Identity Compromises Require Surgical Remediation

Jun 18, 2025 By Netwrix In Netwrix
Reimaging a laptop is easy. Remediating a compromised identity? Not so much. In this webinar snippet, Tyler Reese explains why traditional remediation tactics don’t work for Active Directory compromises — and what security teams should do instead. Rather than starting from scratch, take a targeted approach to locate and neutralize attacker persistence while maintaining business continuity. Learn the importance of surgical remediation in identity security and how to mitigate risk without disrupting your operations.
View Video

Shopify Single Sign-On (SSO) | Non-Plus/Plus Stores | Customer Accounts, B2B Login & Horizon Support

Jun 18, 2025 By miniOrange In miniOrange
Enable a secure and smooth login experience on your Shopify stores with Shopify Single Sign-On (SSO) from miniOrange, now enhanced with support for Shopify Customer Accounts, B2B logins, and fully compatible with the latest Shopify Horizon theme. SSO Integration Made Easy: • Connect your Shopify store to multiple identity providers (IDP), including Azure AD, ADFS, Okta, AWS Cognito, Google Apps (GSuite), OneLogin, and more, using trusted authentication protocols (SAML, OAuth, OpenID Connect).• Plus, we also offer support for Two-Factor Authentication (2FA) for extra protection.
View Video
outpost 24

Tokens & traps: Seven common OAuth vulnerabilities (plus mitigations)

Jun 18, 2025 By Marcus White In Outpost 24
In the world of modern web applications, the OAuth flow is our trusty gatekeeper, enabling seamless logins and secure data sharing. But its flexibility (designed to handle myriad use cases) is also its Achilles’ heel. A tiny misstep in URI validation or a missing state check can turn a robust token exchange into an open invitation for attackers, leading to serious OAuth vulnerabilities that compromise user data and application security.
Read Post
salt security

Eliminate Your AWS API Blind Spots in Minutes

Jun 18, 2025 By Eric Schwake In Salt Security
Traditionally, securing APIs in AWS has involved a frustrating trade-off. Obtaining a full view of your API Fabric requires weeks or months of deploying various agents, setting up traffic analysis, and enduring lengthy professional services engagements. The outcome? An unacceptably slow time-to-value that keeps you unaware of potential risks for too long. The main issue hasn't only been locating APIs, but also the extensive wait to identify them. But what if that trade-off is no longer necessary?
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.